Re: [Openvpn-devel] [PATCH v2] Always disable TLS renegotiations

2021-03-26 Thread Gert Doering
Hi, On Fri, Mar 26, 2021 at 05:05:45PM +0100, Arne Schwabe wrote: > +/* Disable TLS renegotiations. OpenVPN's renegotiation creates new SSL > + * session and does not depend on this feature. And TLS renegotiations > have > + * been problematic in the past */ > +sslopt |= SSL_OP_NO
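Review bot: The new comment above the `sslopt |=` line justifies the change only with "have been problematic in the past", which gives a later reader nothing to look up. The commit message already names CVE-2021-3449 as exploitable only when TLS renegotiation is enabled, so citing that CVE in the comment would make the rationale concrete. The comment also needs an article: "creates new SSL session" should read "creates a new SSL session".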

Re: [Openvpn-devel] [PATCH v2] Always disable TLS renegotiations

2021-03-26 Thread Antonio Quartulli
Hi, On 26/03/2021 17:05, Arne Schwabe wrote: > Renegotiations have been troublesome in the past and also the recent OpenSSL > security problem (CVE-2021-3449) is only exploitable if TLS renegotiation > is enabled. > > mbed TLS disables it by default and says in the documentation: > > Warning: It

[Openvpn-devel] [PATCH v2] Always disable TLS renegotiations

2021-03-26 Thread Arne Schwabe
Renegotiations have been troublesome in the past and also the recent OpenSSL security problem (CVE-2021-3449) is only exploitable if TLS renegotiation is enabled. mbed TLS disables it by default and says in the documentation: Warning: It is recommended to always disable renegotiation unless you kn